A MAC Forgery Attack on SOBER-128(<Special Section>Discrete Mathematics and Its Applications)
スポンサーリンク
概要
- 論文の詳細を見る
SOBER-128 is a stream cipher designed by Rose and Hawkes in 2003. It can be also used for generating Message Authentication Codes (MACs) and an authenticated encryption. The developers claimed that it is difficult to forge MACs generated by both functions of SOBER-128, though, the security assumption in the proposal paper is not realistic in some instances. In this paper, we examine the security of these message authentication mechanisms of SOBER-128 under security channel model. As a result, we show that both a MAC generation and an authenticated encryption are vulnerable against differential cryptanalysis. The success probabilities of the MAC forgery attack are estimated at 2^<-6> and 2^<-27> respectively. In addition, we show that some secret bits are revealed if a key is used many times.
- 社団法人電子情報通信学会の論文
- 2005-05-01
著者
-
Watanabe Dai
Systems Development Laboratory Hitachi Ltd.
-
Watanabe Dai
Systems Development Labora-tory Hitachi Ltd.
-
Kaneko Toshinobu
Science University of Tokyo
-
FURUYA Soichi
Systems Development Labora-tory, Hitachi, Ltd.
-
Furuya Soichi
Systems Development Labora-tory Hitachi Ltd.
-
Furuya Soichi
Systems Development Laboratory Hitachi Ltd.
-
Kaneko Toshinobu
Tokyo Univ. Of Sci. Noda‐shi Jpn
関連論文
- Lowering the Error Floors of Irregular LDPC Code on Fast Fading Environment with Perfect and Imperfect CSIs(Wireless Communication Technologies)
- A Study on Higher Order Differential Attack of KASUMI(Symmetric Cryptography,Cryptography and Information Security)
- Mapping for Iterative MMSE-SIC with Belief Propagation
- Linear Cryptanalysis by Linear Sieve Method (Special Section on Cryptography and Information Security)
- FOREWORD (Special Section on Cryptography and Information Security)
- A New Keystream Generator MUGI (Symmetric Cipher) (Cryptography and Information Security)
- Integrity-Aware Mode of Stream Cipher(Special Section on Cryptography and Information Security)
- The Security of an RDES Cryptosystem against Linear Cryptanalysis (Special Section on Cryptography and Information Security)
- A MAC Forgery Attack on SOBER-128(Discrete Mathematics and Its Applications)
- Special Section on Cryptography and Information Security
- Dynamic Swapping Schemes and Differential Cryptanalysis (Special Section on Information Theory and Its Applications)
- An Efficient Interpolation Attack(Special Section on Cryptography and Information Security)
- Improved Higher Order Differential Attack and Its Application to Nyberg-Knudsen's Designed Block Cipher
- Diffretial Cryptanalysis of CAST-256 Reduced to Nine Quad-Rounds(Special Section on Fundamentals of Information and Communications)